<!DOCTYPE html>
<html lang=zh>
<head>
    <!-- so meta -->
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="HandheldFriendly" content="True">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
    <meta name="description" content="Cobalt Strike简介及安装VPS搭建教程配合视频设置密码 一、什么是Cobalt StrikeCobalt  Strike基于Java开发，业界称为CS神器，是一款功能强大的商业渗透测试工具，它的交互后渗透（post-exploit）功能涵盖了ATT&amp;CK战术的所有领域，且可以全部在一个集成系统中使用。除此之外，Cobalt Strike还可以调用像Metasploit和Mi">
<meta property="og:type" content="article">
<meta property="og:title" content="[内网安全]工具篇CobaltStrike基础使用">
<meta property="og:url" content="https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/index.html">
<meta property="og:site_name" content="TonyD0g">
<meta property="og:description" content="Cobalt Strike简介及安装VPS搭建教程配合视频设置密码 一、什么是Cobalt StrikeCobalt  Strike基于Java开发，业界称为CS神器，是一款功能强大的商业渗透测试工具，它的交互后渗透（post-exploit）功能涵盖了ATT&amp;CK战术的所有领域，且可以全部在一个集成系统中使用。除此之外，Cobalt Strike还可以调用像Metasploit和Mi">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNBPjs.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNB93Q.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNBCcj.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNrAYT.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNrZpF.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNrEfU.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNrkkV.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNriT0.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNrel4.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNsWxe.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNshKH.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNsyUx.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNsDbR.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNsBr9.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNs656.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNssV1.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNsgPK.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNs28O.png">
<meta property="og:image" content="https://s4.ax1x.com/2022/03/04/bNsR2D.png">
<meta property="article:published_time" content="2022-03-22T07:23:22.000Z">
<meta property="article:modified_time" content="2023-07-20T07:35:22.621Z">
<meta property="article:author" content="TonyD0g">
<meta property="article:tag" content="内网安全">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://s4.ax1x.com/2022/03/04/bNBPjs.png">
    
    
        
          
              <link rel="shortcut icon" href="/images/favicon.ico">
          
        
        
          
            <link rel="icon" type="image/png" href="/images/favicon-192x192.png" sizes="192x192">
          
        
        
          
            <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon.png">
          
        
    
    <!-- title -->
    <title>[内网安全]工具篇CobaltStrike基础使用</title>
    <!-- styles -->
    
<link rel="stylesheet" href="/css/style.css">

    <!-- persian styles -->
    
      
<link rel="stylesheet" href="/css/rtl.css">

    
    <!-- rss -->
    
    
<meta name="generator" content="Hexo 4.2.1"></head>

<body class="max-width mx-auto px3 ltr">
    
      <div id="header-post">
  <a id="menu-icon" href="#"><i class="fas fa-bars fa-lg"></i></a>
  <a id="menu-icon-tablet" href="#"><i class="fas fa-bars fa-lg"></i></a>
  <a id="top-icon-tablet" href="#" onclick="$('html, body').animate({ scrollTop: 0 }, 'fast');" style="display:none;"><i class="fas fa-chevron-up fa-lg"></i></a>
  <span id="menu">
    <span id="nav">
      <ul>
         
          <li><a href="/">首页</a></li>
         
          <li><a href="/about/">关于</a></li>
         
          <li><a href="/tags/">标签</a></li>
         
          <li><a href="/friends/">friends</a></li>
         
          <li><a href="/archives/">归档</a></li>
         
          <li><a href="https://github.com/TonyD0g">项目</a></li>
         
          <li><a href="/search/">搜索</a></li>
        
      </ul>
    </span>
    <br/>
    <span id="actions">
      <ul>
        
        <li><a class="icon" href="/2022/04/14/%E6%8E%89%E5%9D%91%E6%97%A5%E8%AE%B0%E6%8E%89%E5%9D%91%E6%B1%87%E6%80%BB/"><i class="fas fa-chevron-left" aria-hidden="true" onmouseover="$('#i-prev').toggle();" onmouseout="$('#i-prev').toggle();"></i></a></li>
        
        
        <li><a class="icon" href="/2022/03/03/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E7%90%86%E8%AE%BA%E7%AF%87%E5%86%85%E7%BD%91%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95%E5%9F%BA%E7%A1%80/"><i class="fas fa-chevron-right" aria-hidden="true" onmouseover="$('#i-next').toggle();" onmouseout="$('#i-next').toggle();"></i></a></li>
        
        <li><a class="icon" href="#" onclick="$('html, body').animate({ scrollTop: 0 }, 'fast');"><i class="fas fa-chevron-up" aria-hidden="true" onmouseover="$('#i-top').toggle();" onmouseout="$('#i-top').toggle();"></i></a></li>
        <li><a class="icon" href="#"><i class="fas fa-share-alt" aria-hidden="true" onmouseover="$('#i-share').toggle();" onmouseout="$('#i-share').toggle();" onclick="$('#share').toggle();return false;"></i></a></li>
      </ul>
      <span id="i-prev" class="info" style="display:none;">上一篇</span>
      <span id="i-next" class="info" style="display:none;">下一篇</span>
      <span id="i-top" class="info" style="display:none;">返回顶部</span>
      <span id="i-share" class="info" style="display:none;">分享文章</span>
    </span>
    <br/>
    <div id="share" style="display: none">
      <ul>
  <li><a class="icon" href="http://www.facebook.com/sharer.php?u=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/" target="_blank" rel="noopener"><i class="fab fa-facebook " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://twitter.com/share?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&text=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-twitter " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.linkedin.com/shareArticle?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-linkedin " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://pinterest.com/pin/create/bookmarklet/?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&is_video=false&description=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-pinterest " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="mailto:?subject=[内网安全]工具篇CobaltStrike基础使用&body=Check out this article: https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/"><i class="fas fa-envelope " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://getpocket.com/save?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-get-pocket " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://reddit.com/submit?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-reddit " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.stumbleupon.com/submit?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-stumbleupon " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://digg.com/submit?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-digg " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.tumblr.com/share/link?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&name=[内网安全]工具篇CobaltStrike基础使用&description=" target="_blank" rel="noopener"><i class="fab fa-tumblr " aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://news.ycombinator.com/submitlink?u=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&t=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-hacker-news " aria-hidden="true"></i></a></li>
</ul>

    </div>
    <div id="toc">
      <ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike简介及安装"><span class="toc-number">1.</span> <span class="toc-text">Cobalt Strike简介及安装</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#一、什么是Cobalt-Strike"><span class="toc-number">1.0.1.</span> <span class="toc-text">一、什么是Cobalt Strike</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#二、Cobalt-Strike安装"><span class="toc-number">1.0.2.</span> <span class="toc-text">二、Cobalt Strike安装</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#1、环境准备："><span class="toc-number">1.0.2.1.</span> <span class="toc-text">1、环境准备：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、安装Cobalt-Strike"><span class="toc-number">1.0.2.2.</span> <span class="toc-text">2、安装Cobalt Strike</span></a></li></ol></li><li class="toc-item toc-level-3"><a class="toc-link" href="#三、启动服务器和客户端"><span class="toc-number">1.0.3.</span> <span class="toc-text">三、启动服务器和客户端</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#1、启动服务端"><span class="toc-number">1.0.3.1.</span> <span class="toc-text">1、启动服务端</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、启动客户端"><span class="toc-number">1.0.3.2.</span> <span class="toc-text">2、启动客户端</span></a></li></ol></li></ol></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike功能简介"><span class="toc-number">2.</span> <span class="toc-text">Cobalt Strike功能简介</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#1、Coblat-Strike菜单"><span class="toc-number">2.0.0.1.</span> <span class="toc-text">1、Coblat Strike菜单</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、View菜单"><span class="toc-number">2.0.0.2.</span> <span class="toc-text">2、View菜单</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#3、Attacks模块下Packages功能"><span class="toc-number">2.0.0.3.</span> <span class="toc-text">3、Attacks模块下Packages功能</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#4、-Attacks模块下Web-Drive-by功能"><span class="toc-number">2.0.0.4.</span> <span class="toc-text">4、  Attacks模块下Web Drive-by功能</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#5、Reporting模块"><span class="toc-number">2.0.0.5.</span> <span class="toc-text">5、Reporting模块</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#6、Help模块"><span class="toc-number">2.0.0.6.</span> <span class="toc-text">6、Help模块</span></a></li></ol></li></ol></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike简单使用"><span class="toc-number">3.</span> <span class="toc-text">Cobalt Strike简单使用</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#一、配置监听器"><span class="toc-number">3.0.1.</span> <span class="toc-text">一、配置监听器</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#二、创建远程Payload"><span class="toc-number">3.0.2.</span> <span class="toc-text">二、创建远程Payload</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#三、右键菜单功能介绍"><span class="toc-number">3.0.3.</span> <span class="toc-text">三、右键菜单功能介绍</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#0、Interact功能简介："><span class="toc-number">3.0.3.1.</span> <span class="toc-text">0、Interact功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#1、Access下功能简介："><span class="toc-number">3.0.3.2.</span> <span class="toc-text">1、Access下功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、Explore功能简介："><span class="toc-number">3.0.3.3.</span> <span class="toc-text">2、Explore功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#3、Pivoting功能简介"><span class="toc-number">3.0.3.4.</span> <span class="toc-text">3、Pivoting功能简介:</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#4、Spawn功能简介："><span class="toc-number">3.0.3.5.</span> <span class="toc-text">4、Spawn功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#5、Session功能简介："><span class="toc-number">3.0.3.6.</span> <span class="toc-text">5、Session功能简介：</span></a></li></ol></li></ol></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike和Metasploit联动："><span class="toc-number">4.</span> <span class="toc-text">Cobalt Strike和Metasploit联动：</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike流量隐藏："><span class="toc-number">5.</span> <span class="toc-text">Cobalt Strike流量隐藏：</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#编写配置文件："><span class="toc-number">6.</span> <span class="toc-text">编写配置文件：</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#linux-内网渗透"><span class="toc-number">7.</span> <span class="toc-text">linux 内网渗透</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#魔改CS"><span class="toc-number">8.</span> <span class="toc-text">魔改CS</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#学习来源"><span class="toc-number">8.0.1.</span> <span class="toc-text">学习来源:</span></a></li></ol></li></ol></li></ol>
    </div>
  </span>
</div>

    
    <div class="content index py4">
        
        <article class="post" itemscope itemtype="http://schema.org/BlogPosting">
  <header>
    
    <h1 class="posttitle" itemprop="name headline">
        [内网安全]工具篇CobaltStrike基础使用
    </h1>



    <div class="meta">
      <span class="author" itemprop="author" itemscope itemtype="http://schema.org/Person">
        <span itemprop="name">TonyD0g</span>
      </span>
      
    <div class="postdate">
      
        <time datetime="2022-03-22T07:23:22.000Z" itemprop="datePublished">2022-03-22</time>
        
        (Updated: <time datetime="2023-07-20T07:35:22.621Z" itemprop="dateModified">2023-07-20</time>)
        
      
    </div>


      

      
    <div class="article-tag">
        <i class="fas fa-tag"></i>
        <a class="tag-link" href="/tags/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8/" rel="tag">内网安全</a>
    </div>


    </div>
  </header>
  

  <div class="content" itemprop="articleBody">
    <span id="more"></span>

<h1 id="Cobalt-Strike简介及安装"><a href="#Cobalt-Strike简介及安装" class="headerlink" title="Cobalt Strike简介及安装"></a>Cobalt Strike简介及安装</h1><p><a href="https://www.baidu.com/link?url=XgrxY_oMH2eNO5oOn0_efadHCv0JMTJhzu6x_WMVUxTG7LGZ-HK5aJ3Y_SYZb2svlojwtCzkwt46HSb1GqJTwI6TgwyGEmmes-PjPM9xya3&wd=&eqid=b30d669f0000d0560000000662629d46" target="_blank" rel="noopener">VPS搭建教程</a><br><a href="https://www.bilibili.com/video/av844361914/" target="_blank" rel="noopener">配合视频</a><br><a href="https://suijimimashengcheng.bmcx.com/" target="_blank" rel="noopener">设置密码</a></p>
<h3 id="一、什么是Cobalt-Strike"><a href="#一、什么是Cobalt-Strike" class="headerlink" title="一、什么是Cobalt Strike"></a>一、什么是Cobalt Strike</h3><p>Cobalt  Strike基于Java开发，业界称为CS神器，是一款功能强大的商业渗透测试工具，它的交互后渗透（post-exploit）功能涵盖了ATT&amp;CK战术的所有领域，且可以全部在一个集成系统中使用。除此之外，Cobalt Strike还可以调用像Metasploit和Mimikatz之类的其他神器，极大地丰富了自身能力。</p>
<p>CobaltStrike集成了端口转发、端口扫描、socket代理、提权、钓鱼、远控木马等功能。</p>
<p>Cobalt Strike是C&#x2F;S架构的。分为服务端和客户端。可以将服务端部署在云服务器上，也可以部署在本地局域网中。如果仅是个人使用，可以将服务端和客户端都部署在虚拟机KALI中。</p>
<h3 id="二、Cobalt-Strike安装"><a href="#二、Cobalt-Strike安装" class="headerlink" title="二、Cobalt Strike安装"></a>二、Cobalt Strike安装</h3><h4 id="1、环境准备："><a href="#1、环境准备：" class="headerlink" title="1、环境准备："></a>1、环境准备：</h4><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">KALI虚拟机（版本没特定要求）</span><br><span class="line">JDK8或者JDK11（kali自带，可以不用安装。如果是windows系统需要自行安装。）</span><br><span class="line">Cobalt Strike（在本章节目录中，压缩包名为cobaltstrike4.0-cracked.zip）</span><br></pre></td></tr></table></figure>

<h4 id="2、安装Cobalt-Strike"><a href="#2、安装Cobalt-Strike" class="headerlink" title="2、安装Cobalt Strike"></a>2、安装Cobalt Strike</h4><p>将压缩包复制粘贴到KALI中。</p>
<p>使用<code>unzip</code>命令解压文件。</p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNBPjs.png" alt="avatar"></p>
<h3 id="三、启动服务器和客户端"><a href="#三、启动服务器和客户端" class="headerlink" title="三、启动服务器和客户端"></a>三、启动服务器和客户端</h3><p>首先在KALI终端中输入<code>ifconfig</code>查看本机IP地址，用于服务器的IP地址，以便客户端的链接。</p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNB93Q.png" alt="avatar"></p>
<h4 id="1、启动服务端"><a href="#1、启动服务端" class="headerlink" title="1、启动服务端"></a>1、启动服务端</h4><p>输入以下命令，启动<strong>服务端</strong>（记得cd进入cobaltstrike文件目录中）：</p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">sudo ./teamserver 192.168.12.129 password(输入一个密码)</span><br></pre></td></tr></table></figure>

<h4 id="2、启动客户端"><a href="#2、启动客户端" class="headerlink" title="2、启动客户端"></a>2、启动客户端</h4><p>(前提还是要进入cobaltstrike文件目录中)<br>输入以下命令，启动<strong>客户端</strong>：</p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">java -XX:ParallelGCThreads=4 -XX:+AggressiveHeap -XX:+UseParallelGC -Xms512M -Xmx1024M -jar cobaltstrike.jar</span><br></pre></td></tr></table></figure>

<p>输入命令后，会出现一个对话框，需填写<code>Host</code>和<code>Password</code>，即服务端IP地址，和设置的密码，最后点击<code>Connect</code>：</p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNBCcj.png" alt="avatar"></p>
<h1 id="Cobalt-Strike功能简介"><a href="#Cobalt-Strike功能简介" class="headerlink" title="Cobalt Strike功能简介"></a>Cobalt Strike功能简介</h1><h4 id="1、Coblat-Strike菜单"><a href="#1、Coblat-Strike菜单" class="headerlink" title="1、Coblat Strike菜单"></a>1、Coblat Strike菜单</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNrAYT.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">New Connection 	新的连接(支持连接多个服务器端) </span><br><span class="line">Preferences 	偏好设置(设置Cobal Strike界面、控制台、以及输出报告样式、TeamServer连接记录等)</span><br><span class="line">Visualization 	窗口视图模式(展示输出结果的形式)</span><br><span class="line">VPN Interfaces 	VPN接入</span><br><span class="line">Listenrs 	    监听器(创建Listener)</span><br><span class="line">Script Manager 	脚本管理</span><br><span class="line">Close 	        关闭客户端 </span><br></pre></td></tr></table></figure>

<h4 id="2、View菜单"><a href="#2、View菜单" class="headerlink" title="2、View菜单"></a>2、View菜单</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNrZpF.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line">Applications 	应用(显示受害者机器的应用信息)</span><br><span class="line">Credentials 	凭证(通过hashdump或Mimikatz抓取过的密码都会储存在这里)</span><br><span class="line">Downloads 	    下载文件</span><br><span class="line">Event Log 	    事件日志(主机上线记录以及团队协作聊天记录)</span><br><span class="line">Keystrokes 	    键盘记录</span><br><span class="line">Proxy Pivots 	代理模块</span><br><span class="line">Screenshots 	受害者机器屏幕截图</span><br><span class="line">Script Console 	脚本控制台(可以加载各种脚本)</span><br><span class="line">Targets 	    显示目标主机</span><br><span class="line">Web Log 	    Web日志 </span><br></pre></td></tr></table></figure>

<h4 id="3、Attacks模块下Packages功能"><a href="#3、Attacks模块下Packages功能" class="headerlink" title="3、Attacks模块下Packages功能"></a>3、Attacks模块下Packages功能</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNrEfU.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">HTML Application 		生成恶意的HTA木马文件</span><br><span class="line">MS Office Macro 		生成office宏病毒文件</span><br><span class="line">Payload Generator 		生成各种语言版本的payload</span><br><span class="line">Windows Executable 		生成Windows可执行payload</span><br><span class="line">Windows Executable(S) 	把包含payload,Stageless生成可执行文件(包含多数功能) </span><br></pre></td></tr></table></figure>

<h4 id="4、-Attacks模块下Web-Drive-by功能"><a href="#4、-Attacks模块下Web-Drive-by功能" class="headerlink" title="4、  Attacks模块下Web Drive-by功能"></a>4、  Attacks模块下Web Drive-by功能</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNrkkV.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">Manage 					对开启的web服务进行管理</span><br><span class="line">Clone Site 				克隆网站(可记录受害者提交的数据)</span><br><span class="line">Host File 				提供Web以供下载某文件</span><br><span class="line">Scripted Web Delivery 	提供Web服务，便于下载和执行PowerShell Payload</span><br><span class="line">Signed Applet Attack 	启动一个Web服务以提供自签名Java Applet的运行环境</span><br><span class="line">Smart Applet Attack 	自动检测Java版本并利用已知的exploits绕过security</span><br><span class="line">System Profiler 		用来获取一些系统信息，比如系统版本，Flash版本，浏览器版本等 </span><br></pre></td></tr></table></figure>

<h4 id="5、Reporting模块"><a href="#5、Reporting模块" class="headerlink" title="5、Reporting模块"></a>5、Reporting模块</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNriT0.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line">Activity report 						活动报告</span><br><span class="line">Hosts report 							主机报告</span><br><span class="line">Indicators of Compromise 				威胁报告</span><br><span class="line">Sessions report 						会话报告</span><br><span class="line">Social engineering report 				社会工程学报告</span><br><span class="line">Tactics, Techniques, and Procedures 	策略、技巧和程序</span><br><span class="line">Reset Data 								重置数据</span><br><span class="line">Export Data 							导出数据 </span><br></pre></td></tr></table></figure>

<h4 id="6、Help模块"><a href="#6、Help模块" class="headerlink" title="6、Help模块"></a>6、Help模块</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNrel4.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">Homepage 			官方网站</span><br><span class="line">Support 			技术支持，文档介绍</span><br><span class="line">Arsenal 			武器库工具集（需正版授权码）</span><br><span class="line">System information 	系统及版本信息</span><br><span class="line">About 				关于 </span><br></pre></td></tr></table></figure>

<h1 id="Cobalt-Strike简单使用"><a href="#Cobalt-Strike简单使用" class="headerlink" title="Cobalt Strike简单使用"></a>Cobalt Strike简单使用</h1><h3 id="一、配置监听器"><a href="#一、配置监听器" class="headerlink" title="一、配置监听器"></a>一、配置监听器</h3><p>1、选择<code>Cobalt Strike下Listener下的Add</code></p>
<p>2、Payload选择Beacon HTTP，Host填入团队服务器IP</p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNsWxe.png" alt="avatar"></p>
<p>3、点击Sava即可</p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNshKH.png" alt="avatar"></p>
<h3 id="二、创建远程Payload"><a href="#二、创建远程Payload" class="headerlink" title="二、创建远程Payload"></a>二、创建远程Payload</h3><p>1、选择 Attacks 下的Packages下的Windows Executable。</p>
<p>2、Listener选择刚刚创建的listener1。</p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNsyUx.png" alt="avatar"></p>
<p>3、点击Generate，生成文件artifact1.exe选择文件保存位置。<br><img src="https://s4.ax1x.com/2022/03/04/bNsDbR.png" alt="avatar"></p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNsBr9.png" alt="avatar"><br>4、将保存的exe放入靶机中，可以自己新建一个windows虚拟机（基础使用没有免杀，记得关杀毒），放入之后，双击执行。</p>
<p><img src="https://s4.ax1x.com/2022/03/04/bNs656.png" alt="avatar"></p>
<h3 id="三、右键菜单功能介绍"><a href="#三、右键菜单功能介绍" class="headerlink" title="三、右键菜单功能介绍"></a>三、右键菜单功能介绍</h3><p>如果受害者机器上线，可以使用右键下的功能，进一步实验测试。</p>
<h4 id="0、Interact功能简介："><a href="#0、Interact功能简介：" class="headerlink" title="0、Interact功能简介："></a>0、Interact功能简介：</h4><p>Interact功能主要是使用Beacon，来执行各种命令。在Cobalt  Strike中，默认心跳为60s，执行命令的响应很慢。可以对其进行更改。在beacon中，如果想对目标进行命令管理，需要在前面加上shell，如shell whoami、shell ipconfig等。</p>
<h4 id="1、Access下功能简介："><a href="#1、Access下功能简介：" class="headerlink" title="1、Access下功能简介："></a>1、Access下功能简介：</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNssV1.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">Dump Hashes 	获取hash</span><br><span class="line">Elevate 		提权</span><br><span class="line">Golden Ticket 	生成黄金票据注入当前会话</span><br><span class="line">Make Token 		新建登录用户</span><br><span class="line">One-liner 		创建反向shell</span><br><span class="line">Run Mimikatz 	运行 Mimikatz</span><br><span class="line">Spawn As 		用其他用户生成Cobalt Strike侦听器 </span><br></pre></td></tr></table></figure>

<h4 id="2、Explore功能简介："><a href="#2、Explore功能简介：" class="headerlink" title="2、Explore功能简介："></a>2、Explore功能简介：</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNsgPK.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">Browser Pivot 	劫持目标浏览器进程</span><br><span class="line">Desktop(VNC) 	桌面交互</span><br><span class="line">File Browser 	文件浏览器</span><br><span class="line">Net View 		命令Net View</span><br><span class="line">Port Scan 		端口扫描</span><br><span class="line">Process List 	进程列表</span><br><span class="line">Screenshot 		屏幕截图 </span><br></pre></td></tr></table></figure>

<h4 id="3、Pivoting功能简介"><a href="#3、Pivoting功能简介" class="headerlink" title="3、Pivoting功能简介:"></a>3、Pivoting功能简介:</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNs28O.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">SOCKS Server 	socks代理服务</span><br><span class="line">Listener 		反向端口转发</span><br><span class="line">Deploy VPN 		部署VPN </span><br></pre></td></tr></table></figure>

<h4 id="4、Spawn功能简介："><a href="#4、Spawn功能简介：" class="headerlink" title="4、Spawn功能简介："></a>4、Spawn功能简介：</h4><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">Spawn 	外部监听器(如指派给MSF，获取meterpreter权限)</span><br></pre></td></tr></table></figure>

<h4 id="5、Session功能简介："><a href="#5、Session功能简介：" class="headerlink" title="5、Session功能简介："></a>5、Session功能简介：</h4><p><img src="https://s4.ax1x.com/2022/03/04/bNsR2D.png" alt="avatar"></p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">Note 	备注</span><br><span class="line">Color 	颜色标记</span><br><span class="line">Remove 	删除</span><br><span class="line">Sleep 	指定被控端休眠时间，默认60秒一次回传，让被控端每10秒来下载一次任务。实际中频率不宜过快,容易被发现。</span><br><span class="line">Exit 	退出 </span><br></pre></td></tr></table></figure>

<h1 id="Cobalt-Strike和Metasploit联动："><a href="#Cobalt-Strike和Metasploit联动：" class="headerlink" title="Cobalt Strike和Metasploit联动："></a>Cobalt Strike和Metasploit联动：</h1><p><a href="https://www.cnblogs.com/nongchaoer/p/12055317.html" target="_blank" rel="noopener">Cobalt Strike和Metasploit联动</a></p>
<h1 id="Cobalt-Strike流量隐藏："><a href="#Cobalt-Strike流量隐藏：" class="headerlink" title="Cobalt Strike流量隐藏："></a>Cobalt Strike流量隐藏：</h1><p><a href="https://xz.aliyun.com/t/10653" target="_blank" rel="noopener">cs特征隐藏</a><br><a href="https://xz.aliyun.com/t/9542#toc-0" target="_blank" rel="noopener">CobaltStrike特征隐藏</a><br><a href="https://xz.aliyun.com/t/9616" target="_blank" rel="noopener">填坑技巧-CDN隐藏C2</a><br><a href="https://xz.aliyun.com/t/11099#toc-0" target="_blank" rel="noopener">CDN及特征隐匿Cobalt Strike</a><br><a href="https://www.jianshu.com/p/e7701efef047" target="_blank" rel="noopener">Cobalt Strike 的特征</a></p>
<h1 id="编写配置文件："><a href="#编写配置文件：" class="headerlink" title="编写配置文件："></a>编写配置文件：</h1><p><a href="https://www.baidu.com/link?url=5bTUalsxcc7Xw6JKNGsuYrUuUnk6IWfL1t8qRpvMLJoELqun1psBCpMq_h1ibd2NEYjRPEzK3UQQjjORnA1PglhPKgQCYkPiqEHjyAz40Ju&wd=&eqid=fb2006e60000bf4e0000000662663d08" target="_blank" rel="noopener">Cobalt Strike从入门到精通之定制配置文件进行高级攻击</a><br><a href="https://xz.aliyun.com/t/2796" target="_blank" rel="noopener">深入研究配置文件</a></p>
<h1 id="linux-内网渗透"><a href="#linux-内网渗透" class="headerlink" title="linux 内网渗透"></a>linux 内网渗透</h1><p><a href="https://hacat.top/2021/08/29/b6725d78.html" target="_blank" rel="noopener">Cobalt-Strike之CrossC2插件安装与linux上线</a></p>
<h1 id="魔改CS"><a href="#魔改CS" class="headerlink" title="魔改CS"></a>魔改CS</h1><ul>
<li><a href="https://38-5s-organization.gitbook.io/cobalt-strike-start/0x02-cobalt-strike-gai-zao/shi-yong-intellij-idea-gou-jian-er-ci-kai-fa-huan-jing" target="_blank" rel="noopener">使用 IntelliJ IDEA 构建二次开发环境 - Cobalt-Strike-Start</a></li>
<li><a href="https://mp.weixin.qq.com/mp/appmsgalbum?__biz=MzkxMTMxMjI2OQ==&action=getalbum&album_id=2174670809724747778&scene=173&from_msgid=2247484015&from_itemidx=1&count=3&nolastread=1#wechat_redirect" target="_blank" rel="noopener">#CobaltStrike逆向学习系列</a></li>
<li><a href="https://bbs.kanxue.com/homepage-718877.htm" target="_blank" rel="noopener">快乐鸡哥CS系列</a></li>
</ul>
<h3 id="学习来源"><a href="#学习来源" class="headerlink" title="学习来源:"></a>学习来源:</h3><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">1.网络(忘了哪了...)</span><br><span class="line"></span><br><span class="line">2.Cobalt Strike 4.0 手册:</span><br><span class="line">https://blog.ateam.qianxin.com/CobaltStrike4.0%E7%94%A8%E6%88%B7%E6%89%8B%E5%86%8C_%E4%B8%AD%E6%96%87%E7%BF%BB%E8%AF%91.pdf</span><br></pre></td></tr></table></figure>


  </div>
</article>



        
          <div id="footer-post-container">
  <div id="footer-post">

    <div id="nav-footer" style="display: none">
      <ul>
         
          <li><a href="/">首页</a></li>
         
          <li><a href="/about/">关于</a></li>
         
          <li><a href="/tags/">标签</a></li>
         
          <li><a href="/friends/">friends</a></li>
         
          <li><a href="/archives/">归档</a></li>
         
          <li><a href="https://github.com/TonyD0g">项目</a></li>
         
          <li><a href="/search/">搜索</a></li>
        
      </ul>
    </div>

    <div id="toc-footer" style="display: none">
      <ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike简介及安装"><span class="toc-number">1.</span> <span class="toc-text">Cobalt Strike简介及安装</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#一、什么是Cobalt-Strike"><span class="toc-number">1.0.1.</span> <span class="toc-text">一、什么是Cobalt Strike</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#二、Cobalt-Strike安装"><span class="toc-number">1.0.2.</span> <span class="toc-text">二、Cobalt Strike安装</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#1、环境准备："><span class="toc-number">1.0.2.1.</span> <span class="toc-text">1、环境准备：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、安装Cobalt-Strike"><span class="toc-number">1.0.2.2.</span> <span class="toc-text">2、安装Cobalt Strike</span></a></li></ol></li><li class="toc-item toc-level-3"><a class="toc-link" href="#三、启动服务器和客户端"><span class="toc-number">1.0.3.</span> <span class="toc-text">三、启动服务器和客户端</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#1、启动服务端"><span class="toc-number">1.0.3.1.</span> <span class="toc-text">1、启动服务端</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、启动客户端"><span class="toc-number">1.0.3.2.</span> <span class="toc-text">2、启动客户端</span></a></li></ol></li></ol></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike功能简介"><span class="toc-number">2.</span> <span class="toc-text">Cobalt Strike功能简介</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#1、Coblat-Strike菜单"><span class="toc-number">2.0.0.1.</span> <span class="toc-text">1、Coblat Strike菜单</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、View菜单"><span class="toc-number">2.0.0.2.</span> <span class="toc-text">2、View菜单</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#3、Attacks模块下Packages功能"><span class="toc-number">2.0.0.3.</span> <span class="toc-text">3、Attacks模块下Packages功能</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#4、-Attacks模块下Web-Drive-by功能"><span class="toc-number">2.0.0.4.</span> <span class="toc-text">4、  Attacks模块下Web Drive-by功能</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#5、Reporting模块"><span class="toc-number">2.0.0.5.</span> <span class="toc-text">5、Reporting模块</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#6、Help模块"><span class="toc-number">2.0.0.6.</span> <span class="toc-text">6、Help模块</span></a></li></ol></li></ol></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike简单使用"><span class="toc-number">3.</span> <span class="toc-text">Cobalt Strike简单使用</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#一、配置监听器"><span class="toc-number">3.0.1.</span> <span class="toc-text">一、配置监听器</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#二、创建远程Payload"><span class="toc-number">3.0.2.</span> <span class="toc-text">二、创建远程Payload</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#三、右键菜单功能介绍"><span class="toc-number">3.0.3.</span> <span class="toc-text">三、右键菜单功能介绍</span></a><ol class="toc-child"><li class="toc-item toc-level-4"><a class="toc-link" href="#0、Interact功能简介："><span class="toc-number">3.0.3.1.</span> <span class="toc-text">0、Interact功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#1、Access下功能简介："><span class="toc-number">3.0.3.2.</span> <span class="toc-text">1、Access下功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#2、Explore功能简介："><span class="toc-number">3.0.3.3.</span> <span class="toc-text">2、Explore功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#3、Pivoting功能简介"><span class="toc-number">3.0.3.4.</span> <span class="toc-text">3、Pivoting功能简介:</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#4、Spawn功能简介："><span class="toc-number">3.0.3.5.</span> <span class="toc-text">4、Spawn功能简介：</span></a></li><li class="toc-item toc-level-4"><a class="toc-link" href="#5、Session功能简介："><span class="toc-number">3.0.3.6.</span> <span class="toc-text">5、Session功能简介：</span></a></li></ol></li></ol></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike和Metasploit联动："><span class="toc-number">4.</span> <span class="toc-text">Cobalt Strike和Metasploit联动：</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#Cobalt-Strike流量隐藏："><span class="toc-number">5.</span> <span class="toc-text">Cobalt Strike流量隐藏：</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#编写配置文件："><span class="toc-number">6.</span> <span class="toc-text">编写配置文件：</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#linux-内网渗透"><span class="toc-number">7.</span> <span class="toc-text">linux 内网渗透</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#魔改CS"><span class="toc-number">8.</span> <span class="toc-text">魔改CS</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#学习来源"><span class="toc-number">8.0.1.</span> <span class="toc-text">学习来源:</span></a></li></ol></li></ol></li></ol>
    </div>

    <div id="share-footer" style="display: none">
      <ul>
  <li><a class="icon" href="http://www.facebook.com/sharer.php?u=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/" target="_blank" rel="noopener"><i class="fab fa-facebook fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://twitter.com/share?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&text=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-twitter fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.linkedin.com/shareArticle?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-linkedin fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://pinterest.com/pin/create/bookmarklet/?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&is_video=false&description=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-pinterest fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="mailto:?subject=[内网安全]工具篇CobaltStrike基础使用&body=Check out this article: https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/"><i class="fas fa-envelope fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://getpocket.com/save?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-get-pocket fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://reddit.com/submit?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-reddit fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.stumbleupon.com/submit?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-stumbleupon fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://digg.com/submit?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&title=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-digg fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="http://www.tumblr.com/share/link?url=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&name=[内网安全]工具篇CobaltStrike基础使用&description=" target="_blank" rel="noopener"><i class="fab fa-tumblr fa-lg" aria-hidden="true"></i></a></li>
  <li><a class="icon" href="https://news.ycombinator.com/submitlink?u=https://github.com/TonyD0g/2022/03/22/%E5%86%85%E7%BD%91%E5%AE%89%E5%85%A8%E5%B7%A5%E5%85%B7%E7%AF%87CobaltStrike%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8/&t=[内网安全]工具篇CobaltStrike基础使用" target="_blank" rel="noopener"><i class="fab fa-hacker-news fa-lg" aria-hidden="true"></i></a></li>
</ul>

    </div>

    <div id="actions-footer">
        <a id="menu" class="icon" href="#" onclick="$('#nav-footer').toggle();return false;"><i class="fas fa-bars fa-lg" aria-hidden="true"></i> 菜单</a>
        <a id="toc" class="icon" href="#" onclick="$('#toc-footer').toggle();return false;"><i class="fas fa-list fa-lg" aria-hidden="true"></i> 目录</a>
        <a id="share" class="icon" href="#" onclick="$('#share-footer').toggle();return false;"><i class="fas fa-share-alt fa-lg" aria-hidden="true"></i> 分享</a>
        <a id="top" style="display:none" class="icon" href="#" onclick="$('html, body').animate({ scrollTop: 0 }, 'fast');"><i class="fas fa-chevron-up fa-lg" aria-hidden="true"></i> 返回顶部</a>
    </div>

  </div>
</div>

        
        <footer id="footer">
  <div class="footer-left">
    Copyright &copy;
    
    
    2016-2023
    TonyD0g
  </div>
  <div class="footer-right">
    <nav>
      <ul>
         
          <li><a href="/">首页</a></li>
         
          <li><a href="/about/">关于</a></li>
         
          <li><a href="/tags/">标签</a></li>
         
          <li><a href="/friends/">friends</a></li>
         
          <li><a href="/archives/">归档</a></li>
         
          <li><a href="https://github.com/TonyD0g">项目</a></li>
         
          <li><a href="/search/">搜索</a></li>
        
      </ul>
    </nav>
  </div>
</footer>

    </div>
    <!-- styles -->

<link rel="stylesheet" href="/lib/font-awesome/css/all.min.css">


<link rel="stylesheet" href="/lib/justified-gallery/css/justifiedGallery.min.css">


    <!-- jquery -->

<script src="/lib/jquery/jquery.min.js"></script>


<script src="/lib/justified-gallery/js/jquery.justifiedGallery.min.js"></script>

<!-- clipboard -->

  
<script src="/lib/clipboard/clipboard.min.js"></script>

  <script type="text/javascript">
  $(function() {
    // copy-btn HTML
    var btn = "<span class=\"btn-copy tooltipped tooltipped-sw\" aria-label=\"复制到粘贴板!\">";
    btn += '<i class="far fa-clone"></i>';
    btn += '</span>'; 
    // mount it!
    $(".highlight table").before(btn);
    var clip = new ClipboardJS('.btn-copy', {
      text: function(trigger) {
        return Array.from(trigger.nextElementSibling.querySelectorAll('.code')).reduce((str,it)=>str+it.innerText+'\n','')
      }
    });
    clip.on('success', function(e) {
      e.trigger.setAttribute('aria-label', "复制成功!");
      e.clearSelection();
    })
  })
  </script>


<script src="/js/main.js"></script>

<!-- search -->

<!-- Google Analytics -->

    <script type="text/javascript">
        (function(i,s,o,g,r,a,m) {i['GoogleAnalyticsObject']=r;i[r]=i[r]||function() {
        (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
        m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
        })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
        ga('create', 'UA-84578611-1', 'auto');
        ga('send', 'pageview');
    </script>

<!-- Baidu Analytics -->

    <script type="text/javascript">
        var _hmt = _hmt || [];
        (function() {
            var hm = document.createElement("script");
            hm.src = "https://hm.baidu.com/hm.js?2e6da3c375c789455b664cea6d4cb29c";
            var s = document.getElementsByTagName("script")[0];
            s.parentNode.insertBefore(hm, s);
        })();
    </script>

<!-- Disqus Comments -->


</body>
</html>
